URL: https://user1.vm1.root2.dns-splitter.de/
Submission: On March 22 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 22 HTTP transactions. The main IP is 5.199.130.135, located in Düsseldorf, Germany and belongs to MYLOC-AS IP Backbone of myLoc managed IT AG, DE. The main domain is user1.vm1.root2.dns-splitter.de.
TLS certificate: Issued by R3 on March 22nd 2021. Valid for: 3 months.
This is the only time user1.vm1.root2.dns-splitter.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
20 | 5.199.130.135 | 24961 (MYLOC-AS ...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 22 requests, 2 IPs

Requests | Domain | Requested by
20 | user1.vm1.root2.dns-splitter.de | user1.vm1.root2.dns-splitter.de
2 | www.google-analytics.com | user1.vm1.root2.dns-splitter.de, www.google-analytics.com
Total: 22 requests, 2 domains

This site contains links to these domains.

Domain
www.codeforpakistan.org
www.kpitb.gov.pk

Subject | Issuer | Validity | Valid
user1.vm1.root2.dns-splitter.de | R3 | 2021-03-22 - 2021-06-20 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months

This page contains 1 frames:

Primary Page: https://user1.vm1.root2.dns-splitter.de/
Frame ID: CB4F3E26ECE2FE192A8634A0341AD5FF
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 2206 kB
Size: 2496 kB
Cookies: 3

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
user1.vm1.root2.dns-splitter.de/
6 KB
2 KB
Document
General
Full URL
https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
456306b36e62282b020a7da45740675d432567ef020d4093c73b7aaa9f8b7ac3

Request headers

:method
GET
:authority
user1.vm1.root2.dns-splitter.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
1758
content-type
text/html; charset=UTF-8
foundation.css
user1.vm1.root2.dns-splitter.de/css/
154 KB
21 KB
Stylesheet
General
Full URL
https://user1.vm1.root2.dns-splitter.de/css/foundation.css
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
818f1a3f33b01f42529ab17eb726dadce840febdcade1474f91c90c87874d7a3

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
etag
"26776-56f9abb905b80-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
20850
app.css
user1.vm1.root2.dns-splitter.de/css/
2 KB
572 B
Stylesheet
General
Full URL
https://user1.vm1.root2.dns-splitter.de/css/app.css
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
03c5f9f37353dea49498b34703041f641f768254c9d70a3d3088a241ba92c728

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
etag
"7fe-56f9abb905b80-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
518
normalize.css
user1.vm1.root2.dns-splitter.de/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://user1.vm1.root2.dns-splitter.de/css/normalize.css
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
8ee0613f23a1620668bdf2d74a8bad3e9704dd5768d761f75d4dbfc754c4ba13

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
etag
"1e67-56f9abb905b80-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2586
modernizr.js
user1.vm1.root2.dns-splitter.de/js/vendor/
11 KB
5 KB
Script
General
Full URL
https://user1.vm1.root2.dns-splitter.de/js/vendor/modernizr.js
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
92561d61d8627633529b8d4922bf4404f860ba8052f4c17f035e7faee5eef19a

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
etag
"2bfe-56f9abb905b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4631
logo.png
user1.vm1.root2.dns-splitter.de/img/
5 KB
5 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/logo.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
c8a5ac385cddbda1df72e4eef770757b2b020d63c824d9c9e796320c2e173566

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"127c-56f9abb905b80"
content-length
4732
content-type
image/png
feature-image-medium-up.png
user1.vm1.root2.dns-splitter.de/img/
344 KB
347 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/feature-image-medium-up.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
451c6717649397eb2f99b49e79c49251b745039a01eb63e3864b57cc6527ec51

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"56168-56f9abb905b80"
content-length
352616
content-type
image/png
feature-image-small.png
user1.vm1.root2.dns-splitter.de/img/
474 KB
478 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/feature-image-small.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
8e7ec55a0574044b2cb49312fc61609f0102f3c15050cbaef0ae16bc0799c830

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"7692e-56f9abb905b80"
content-length
485678
content-type
image/png
feature-1.png
user1.vm1.root2.dns-splitter.de/img/
141 KB
142 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/feature-1.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
9b5be9c19569255149425bc8a0cebb9b06263c53dd9656b50dec8db4837528d3

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"2337d-56f9abb905b80"
content-length
144253
content-type
image/png
feature-2.png
user1.vm1.root2.dns-splitter.de/img/
366 KB
367 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/feature-2.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
51a06386426f4455d9109feb96f41a786ad9f23c848408a7bcabc73708e33fb8

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"5b9d3-56f9abb905b80"
content-length
375251
content-type
image/png
feature-3.png
user1.vm1.root2.dns-splitter.de/img/
120 KB
120 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/feature-3.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
e123c63c5a33a15b69f174b6c8651aa4a1c0220b35f59380bd3ab381b9425518

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"1e063-56f9abb905b80"
content-length
122979
content-type
image/png
feature-4.png
user1.vm1.root2.dns-splitter.de/img/
261 KB
261 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/feature-4.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
d73e85dd25bb81e6a4d6979bcf8caf54849abf0a2499d1dc7e18711ff4da6794

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"41371-56f9abb905b80"
content-length
267121
content-type
image/png
cs-android.png
user1.vm1.root2.dns-splitter.de/img/
74 KB
75 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/cs-android.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
58e1d0a5a6b14c2ba1833216bcbdc154277a689bb2b0d88ee476a4fdefddaff6

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"129ea-56f9abb905b80"
content-length
76266
content-type
image/png
cs-apple.png
user1.vm1.root2.dns-splitter.de/img/
66 KB
66 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/cs-apple.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
a61ec8296b7850493bc79b4116f1256f046226403dbee28e61c2a013a43956e4

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"10911-56f9abb905b80"
content-length
67857
content-type
image/png
messiah-logo.png
user1.vm1.root2.dns-splitter.de/img/
208 KB
208 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/messiah-logo.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
0bdf4e26dc4059fbb30e06b5998f937a2ed9e5d514779cdebaed4cc631ef3001

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"33e83-56f9abb905b80"
content-length
212611
content-type
image/png
code-for-pakistan.png
user1.vm1.root2.dns-splitter.de/img/
5 KB
5 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/code-for-pakistan.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
a66c5462b1962a1e233cbe02df08f11bedba3414d84398e4305c837e35c1f705

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"1483-56f9abb905b80"
content-length
5251
content-type
image/png
kp-itboard.png
user1.vm1.root2.dns-splitter.de/img/
30 KB
30 KB
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/kp-itboard.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
7a69feea44d0e1157c7ab3de9159844e349242f0f82211b81531ebcecadd2031

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"79ba-56f9abb905b80"
content-length
31162
content-type
image/png
jquery.js
user1.vm1.root2.dns-splitter.de/js/vendor/
83 KB
30 KB
Script
General
Full URL
https://user1.vm1.root2.dns-splitter.de/js/vendor/jquery.js
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
a294fb8bca0e3cd0eb2e1b0cb2c7dbb9c939098c8ef8ba572e16e6d7a6752814

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
etag
"14a8d-56f9abb905b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
29952
foundation.min.js
user1.vm1.root2.dns-splitter.de/js/
90 KB
23 KB
Script
General
Full URL
https://user1.vm1.root2.dns-splitter.de/js/foundation.min.js
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
c74c870e623fff81aa756503b40546b2cae03da62ee55f91f2b82488f9ec3462

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
etag
"1679d-56f9abb905b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
23045
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2527
date
Mon, 22 Mar 2021 03:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 22 Mar 2021 05:28:25 GMT
tick.png
user1.vm1.root2.dns-splitter.de/img/
679 B
727 B
Image
General
Full URL
https://user1.vm1.root2.dns-splitter.de/img/tick.png
Requested by
Host: user1.vm1.root2.dns-splitter.de
URL: https://user1.vm1.root2.dns-splitter.de/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.130.135 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vm1.root2.dns-splitter.de
Software
Apache /
Resource Hash
3d79d7d36a4d7b215d2982e1a5ad82f5bfc9411c468f56d4ecc44c7727e8b3f0

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 04:10:32 GMT
last-modified
Wed, 27 Jun 2018 07:40:46 GMT
server
Apache
accept-ranges
bytes
etag
"2a7-56f9abb905b80"
content-length
679
content-type
image/png
collect
www.google-analytics.com/j/
2 B
399 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=525026796&t=pageview&_s=1&dl=https%3A%2F%2Fuser1.vm1.root2.dns-splitter.de%2F&ul=en-us&de=UTF-8&dt=Messiah%20%7C%20Emergency%20Alert%20Messanger&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1641754090&gjid=1828911398&cid=1860530647.1616386232&tid=UA-50966088-3&_gid=126812162.1616386232&_r=1&_slc=1&z=315831041
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://user1.vm1.root2.dns-splitter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Mar 2021 04:10:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://user1.vm1.root2.dns-splitter.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| html5
object| Modernizr
string| GoogleAnalyticsObject
function| ga
function| $
function| jQuery
object| Foundation
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

3 Cookies

Domain/Path Name / Value
.dns-splitter.de/ Name: _gid
Value: GA1.2.126812162.1616386232
.dns-splitter.de/ Name: _gat
Value: 1
.dns-splitter.de/ Name: _ga
Value: GA1.2.1860530647.1616386232

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

user1.vm1.root2.dns-splitter.de
www.google-analytics.com
2a00:1450:4001:803::200e
5.199.130.135